


using System;
using System.Linq;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using CMS_Admin.Backend.Api.ParamModel;

public class AuthonizationAttribute : Attribute, IAuthorizationFilter
{

    public void OnAuthorization(AuthorizationFilterContext context)
    {

        // var claims = context.HttpContext.AuthenticateAsync().Result
        //                 .Principal.Claims.FirstOrDefault().Subject.Claims;

        //    var name = claims.FirstOrDefault(c => c.Type =="username")?.Value; 

        var oldPath=context.HttpContext.Request.Path.ToString()+"/";
       
        var length = oldPath.IndexOf("/",1)+1;
    
       var path = oldPath.Substring(0,length);
        
        if(path=="/user/"){
            if(oldPath!="/user/token/" && oldPath!="/user/register/"){

                 context.Result= new JsonResult("affjjj");

            }
             

        }
        
        // var roleType = int.Parse(context.HttpContext.User.Claims.First(c => c.Type == "id").Value);
        // //这里可以做复杂的权限控制操作
        // if (context.HttpContext.User.Identity.IsAuthenticated)
        // {
        //     if (roleType <= 0)
        //     {
        //         RedirectToActionResult content = new RedirectToActionResult("NoAuth", "Exception", null);
        //         context.Result = content;

        //     }
        //     //未通过验证则跳转到无权限提示页

        // }


    }



}

